User:Dzonatas Sol/AWG Identity

From Second Life Wiki
Jump to: navigation, search
Slarch.jpg

 Description:

Dzonatas Sol/AWG Identity

Identity refers to characteristics that can be recognized, or that can persist in order to access a computer system or to verify other information. In regards to Security, these have no specific form, and implementation of any means to Identity are subject to vary even after initial implementation. In regards to Avatars, it is a common method for a User to access the virtual world with such Identity as a key.

Notes

  • identity should be pluggable
    • [Please build a list of desired identity verification systems]
    • OpenID
  • various grades of verification should be possible
    • RL Identity Verification:
      • "Is the user exactly who he/she claims he/she is?"
      • Very strong verification. Permanently links ID of account to real-world ID of user.
    • Age Verification:
      • "Is the user old enough to be on this system?"
      • Weak verification. Minimum amount needed to maintain compliance with child online access laws.
    • Unique Verification:
      • "Is this user unique, or is it an Alt?"
      • Weak verification. Minimum needed to enforce bans due to TOS violations.
      • Very difficult to enforce due to ease of changing commonly-used identifiers: IP address, MAC address, hardware serial numbers/profiles, etc.
    • Virtual Identity Verification:
      • In a multi-site, multi-grid, multi-world and multi-national distributed architecture, RL verification is not feasible.
      • Multi-national ID verification might be provided through means such as OpenID provided by the user's ISP, such as what Orange Telecom has done in France.
      • RL identity must be safeguarded for residents living under conditions where human rights are not protected.
      • Relevant question: "Is this person XXXX the same XXXX I was talking to yesterday on a different world?"
  • Verification must not require sensitive data to pass through insecure systems or require storage of sensitive data (link virtual identity <--> RL identity is sensitive data, too)
  • It should be possible to attach an unlimited amount of agent from different domains to one identity